Sign in to follow this  
tarantino

IE isn't recognized by any website..

Recommended Posts

Hi,Andy

 

Did you happen to be using the McAfee® Anti-Phishing Filter

do you think it maybe part of the problme.

 

and

 

Please download ComboFix and save it to your desktop.

 

Double click combofix.exe and follow the prompts.

 

When it's done running it will produce a log for you. Please post that log in your next reply.

 

Important Note - Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

 

Gogo ;)

Share this post


Link to post
Share on other sites

Hi,Andy

 

Nope it's the only one i know of try again later.

 

for now lit's have a look at this here

 

 

Download and Save blacklight to your desktop.

F-Secure Blacklight: https://europe.f-secure.com/blacklight/try.shtml

Double-click blbeta.exe then accept the agreement.

click > scan then > next,

You'll see a list of all items found - if found, so don't worry it tells that there were no files found.

In case hidden files were found, Don't choose for rename yet! I want to see the log first, because legit items can also be present there...

There must be also a log on your desktop with the name fsbl.xxxxxxx.log (the xxxxxxx stand for numbers)

Post the contents of the log in your next reply.

 

Gogo ;)

Share this post


Link to post
Share on other sites

12/30/06 13:50:59 [info]: BlackLight Engine 1.0.55 initialized

12/30/06 13:50:59 [info]: OS: 5.1 build 2600 (Service Pack 2)

12/30/06 13:50:59 [Note]: 7019 4

12/30/06 13:50:59 [Note]: 7005 0

12/30/06 13:51:01 [Note]: 7006 0

12/30/06 13:51:01 [Note]: 7011 1748

12/30/06 13:51:02 [Note]: 7026 0

12/30/06 13:51:02 [Note]: 7026 0

12/30/06 13:51:06 [Note]: FSRAW library version 1.7.1021

12/30/06 14:37:08 [Note]: 7007 0

 

nothing foind tho

Share this post


Link to post
Share on other sites

Here

----

Owner - 06-12-30 20:43:59.17 Service Pack 2

ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Owner\Desktop\My Stuff"

 

((((((((((((((((((((((((((((((( Files Created from 2006-11-30 to 2006-12-30 ))))))))))))))))))))))))))))))))))

 

 

2006-12-29 18:26 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy

2006-12-29 18:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2006-12-29 17:17 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP

2006-12-24 16:50 387 --a------ C:\WINDOWS\system32\vfw_32.reg

2006-12-24 16:50 <DIR> d-------- C:\WINDOWS\system32\drivex

2006-12-05 21:06 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\DivX

 

 

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

 

 

2006-12-29 19:10 -------- d-------- C:\Program Files\Common Files\Microsoft Shared

2006-12-29 19:09 -------- d--h----- C:\Program Files\InstallShield Installation Information

2006-12-29 17:05 -------- d-------- C:\Documents and Settings\Owner\Application Data\LimeWire

2006-12-28 20:40 -------- d-------- C:\Documents and Settings\Owner\Application Data\SiteAdvisor

2006-12-25 18:25 -------- d-------- C:\Documents and Settings\Owner\Application Data\uTorrent

2006-12-14 21:33 -------- d-------- C:\Program Files\Internet Explorer

2006-12-14 21:32 -------- d-------- C:\Program Files\Windows Media Player

2006-12-14 21:30 -------- d-------- C:\Program Files\Outlook Express

2006-12-14 21:30 -------- d-------- C:\Program Files\Common Files\System

2006-12-08 14:49 15360 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys

2006-12-06 23:14 2330624 --a------ C:\WINDOWS\system32\wmvcore.dll

2006-12-02 23:40 -------- d-------- C:\Program Files\DivX

2006-11-27 16:09 -------- d-------- C:\Program Files\SiteAdvisor

2006-11-25 18:17 -------- d-------- C:\Program Files\Java

2006-11-25 18:16 -------- d-------- C:\Program Files\Common Files\Java

2006-11-25 18:16 -------- d-------- C:\Program Files\Common Files

2006-11-25 15:23 65536 --a------ C:\WINDOWS\IFinst27.exe

2006-11-25 12:35 -------- d-------- C:\Program Files\Lavasoft

2006-11-25 12:35 -------- d-------- C:\Documents and Settings\Owner\Application Data\Lavasoft

2006-11-24 23:56 -------- d-------- C:\Program Files\Microsoft Corporation

2006-11-24 23:33 -------- d-------- C:\Program Files\Microsoft Works

2006-11-24 20:05 -------- d-------- C:\Program Files\TuneUp Utilities 2006

2006-11-24 20:04 -------- d-------- C:\Program Files\Common Files\Wise Installation Wizard

2006-11-23 21:55 15440 --a------ C:\WINDOWS\system32\drivers\hamachi.sys

2006-11-23 14:59 -------- d-------- C:\Program Files\Winamp

2006-11-15 16:01 520192 --a------ C:\WINDOWS\system32\DivXsm.exe

2006-11-15 16:01 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll

2006-11-15 16:01 200704 --a------ C:\WINDOWS\system32\ssldivx.dll

2006-11-15 16:01 1044480 --a------ C:\WINDOWS\system32\libdivx.dll

2006-11-15 15:56 806912 --a------ C:\WINDOWS\system32\divx_xx0c.dll

2006-11-15 15:56 806912 --a------ C:\WINDOWS\system32\divx_xx07.dll

2006-11-15 15:56 790528 --a------ C:\WINDOWS\system32\divx_xx11.dll

2006-11-15 15:56 73728 --a------ C:\WINDOWS\system32\dpl100.dll

2006-11-15 15:56 635486 --a------ C:\WINDOWS\system32\DivX.dll

2006-11-15 15:56 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll

2006-11-15 15:56 57344 --a------ C:\WINDOWS\system32\dpv11.dll

2006-11-15 15:56 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll

2006-11-15 15:56 344064 --a------ C:\WINDOWS\system32\dpus11.dll

2006-11-15 15:56 294912 --a------ C:\WINDOWS\system32\dpu11.dll

2006-11-15 15:56 294912 --a------ C:\WINDOWS\system32\dpu10.dll

2006-11-15 15:56 196608 --a------ C:\WINDOWS\system32\dtu100.dll

2006-11-15 15:36 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll

2006-11-15 15:36 118784 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe

2006-11-14 22:27 -------- d-------- C:\Program Files\MSXML 4.0

2006-11-08 22:52 -------- d-------- C:\Program Files\iTunes

2006-11-08 00:06 679424 --a------ C:\WINDOWS\system32\inetcomm.dll

2006-11-07 17:50 -------- d-------- C:\Program Files\GemMaster

2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe

2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll

2006-10-28 20:27 18916 --a------ C:\WINDOWS\system32\tfak.dll

2006-10-19 08:56 713216 --a------ C:\WINDOWS\system32\sxs.dll

2006-10-13 07:35 65536 --a------ C:\WINDOWS\system32\nwwks.dll

2006-10-13 07:35 64000 --a------ C:\WINDOWS\system32\nwapi32.dll

2006-10-13 07:35 142336 --a------ C:\WINDOWS\system32\nwprovau.dll

2006-10-09 10:58 34308 --a------ C:\WINDOWS\system32\BASSMOD.dll

2006-10-05 19:26 24072 --a------ C:\WINDOWS\system32\uxtuneup.dll

 

 

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

 

*Note* empty entries are not shown

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"

"igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"

"igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"

"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""

"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"

"SiteAdvisor"="\"C:\\Program Files\\SiteAdvisor\\4608\\SiteAdv.exe\""

"MCUpdateExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe"

"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\McAgent.exe"

"MSKAGENTEXE"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MskAgent.exe"

"MPFEXE"="\"C:\\Program Files\\McAfee.com\\Personal Firewall\\MPFTray.exe\""

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]

"Installed"="1"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]

"Installed"="1"

"NoChange"="1"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]

"Installed"="1"

 

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]

"DeskHtmlVersion"=dword:00000110

"DeskHtmlMinorVersion"=dword:00000005

"Settings"=dword:00000001

"GeneralFlags"=dword:00000001

 

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]

"Source"="About:Home"

"SubscribedURL"="About:Home"

"FriendlyName"="My Current Home Page"

"Flags"=dword:00000002

"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\

00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00

"CurrentState"=hex:04,00,00,40

"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\

ff,ff,04,00,00,00

"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\

00,00,01,00,00,00

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]

"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"

"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"dontdisplaylastusername"=dword:00000000

"legalnoticecaption"=""

"legalnoticetext"=""

"shutdownwithoutlogon"=dword:00000001

"undockwithoutlogon"=dword:00000001

"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\

63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\

6d,73,73,74,79,6c,65,73,00

"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\

73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

 

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]

"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"

"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"

"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"

"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

 

 

Contents of the 'Scheduled Tasks' folder

C:\WINDOWS\tasks\1-Click Maintenance.job

C:\WINDOWS\tasks\A6A01490917B8D50.job

C:\WINDOWS\tasks\HP DArC Task #Hewlett-Packard#hp psc 2400 series#1158621125.job

 

Completion time: 06-12-30 20:44:56.71

C:\ComboFix.txt ... 06-12-30 20:44

Share this post


Link to post
Share on other sites

It may seem too obvious, but has anyone considered that something may have changed internet explorer's user agent string?

Share this post


Link to post
Share on other sites

bump* EDIT: OMFG OMFG I DID IT!! (SRRY FOR OVER EXCITEMENT! ROFL!!)

 

thnx ai tak, i went into registry and changed parameters and values and i did !! YES D*mn IT!! THNX!

 

SOLUTION!

 

 

1)First of all you have to check your browsers user string (someone messed up mine [prbly spyware])

by entering java script:alert(navigator.userAgent) this script into your web browser address bar.

 

And this table i copied from microsoft's web site just to let you understand what these parameters mean

MSIE 7.0	Internet Explorer 7
MSIE 7.0b	Internet Explorer 7 (Beta 1 pre-release only)
MSIE 6.0	Internet Explorer 6
MSIE 6.0b	Internet Explorer 6 (pre-release)
MSIE 5.5	Internet Explorer 5.5
MSIE 5.01	Internet Explorer 5.01
MSIE 5.0	Internet Explorer 5
MSIE 5.0b1	Internet Explorer 5 (pre-release)
MSIE 4.01	Internet Explorer 4.01

Platform tokens describe your operating system; the following table lists Internet Explorer platform tokens for the last several versions of Windows.

Platform token	Description
Windows NT 6.0	Windows Vista
Windows NT 5.2	Windows Server 2003; Windows XP x64 Edition
Windows NT 5.1	Windows XP
Windows NT 5.01	Windows 2000, Service Pack 1 (SP1)
Windows NT 5.0	Windows 2000
Windows NT 4.0	Microsoft Windows NT 4.0
Windows 98; Win 9x 4.90	Windows Millennium Edition (Windows Me)
Windows 98	Windows 98
Windows 95	Windows 95
Windows CE	Windows CE

Token	Description
.NET CLR	.NET Framework common language runtime, followed by the version number
SV1	Internet Explorer 6 with enhanced security features. (Windows XP SP2 and Windows Server 2003 only)
Tablet PC	Tablet services are installed; number indicates the version number
Win64; IA64	System has a 64-bit processor (Intel)
Win64; x64	System has a 64-bit processor (AMD)
WOW64	A 32-bit version of Internet Explorer is running on a 64-bit processor.

 

Here's final step

User-Agent Registry Keys

When you install certain Windows components, such as the Microsoft .NET Framework or Windows XP SP2, tokens are added to the user-agent string. This is done by adding tokens to the following registry keys.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)

SOFTWARE

Microsoft

Windows

CurrentVersion

Internet Settings

User Agent

Pre Platform
Token=Value

Post Platform
Token=Value

The Pre-Platform and Post-Platform keys contain values whose names appear before and after the Platform token respectively. For example, if a string value is added to the Post-platform key, the name appears after platform token in the user-agent string. Multiple tokens added to either key appear in an unpredictable order.

You can also override certain tokens of the user-agent string by adding values to the following registry key

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)

SOFTWARE

Microsoft

Windows

CurrentVersion

Internet Settings

5.0

User Agent
(default)= "Mozilla/4.0"
Compatible= "compatible"
Platform= "Windows NT 5.1"
Version= "MSIE 6.0"

Pre Platform
Token=Value

Post Platform
Token=Value

 

There you go, thnx everybody for your help and effort. I guess sometimes user has to figure out some things on his own, but with little help of others. ;)

Edited by Andy{Leet_krew}

Share this post


Link to post
Share on other sites

Hi,Andy

 

Man i would love to help you but im lost on this one.

 

but i think McAfee has something to do with it don't know why

i just do. by the way what is this here

 

C:\WINDOWS\tasks\1-Click Maintenance.job

C:\WINDOWS\tasks\A6A01490917B8D50.job

 

Gogo ;)

Share this post


Link to post
Share on other sites

thank you HJT for your help and effort.

 

(check post above u again :) )

 

C:\WINDOWS\tasks\1-Click Maintenance.job

C:\WINDOWS\tasks\A6A01490917B8D50.job

 

that's tune-up utilities 2006 cleaning my pc from junk ;)

Share this post


Link to post
Share on other sites

Hey,Andy

 

Yes great work you know i just copy and paste this in my files. :)

and a 1000 thanks for posting this info for all to have.

 

take care and a safe NewYears to you and family.

 

Gogo ;)

Share this post


Link to post
Share on other sites
Sign in to follow this